<?php
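// Bootstrap for a teacher-only endpoint: load the session and privilege
// helpers, then enforce the "teacher" role before any request data is read.
$root = $_SERVER['DOCUMENT_ROOT'];
// NOTE(review): the path is concatenated without a directory separator, so it
// only resolves if DOCUMENT_ROOT ends in "/" — confirm against the server config.
// require (not include): a missing or unreadable auth helper must stop the
// request with a fatal error instead of a warning, so the access checks can
// never be skipped silently (fail closed).
require($root . "../util/session.php"); //checks that the user is logged in
require($root . "../util/privilege_check.php");
// NOTE(review): presumably checkPrivilege() ends the request for non-teachers;
// nothing later in this file re-checks the role — confirm in privilege_check.php.
checkPrivilege("teacher");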

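// Handles the "add question" form POST for the chapter/subject selected in the
// teacher's session. Two form shapes are accepted:
//   - true/false question:   answerTrueFalse, question, addPoints, cutPoints
//   - multiple choice (ABCD): question, answerA..answerD, answer, addPoints, cutPoints
// A request that matches neither shape is ignored, as before.
//
// Security notes:
//   - Every request/session value is bound as a statement parameter; nothing
//     from the request is concatenated into the SQL text (SQL injection).
//   - On failure the SQL text and driver error go to the server log only. The
//     previous version echoed both to the browser, which disclosed the schema
//     and reflected unescaped request data into the HTML response.
//   - NOTE(review): no CSRF token is checked in this file; confirm that
//     session.php or the form layer enforces one.
//   - NOTE(review): correctPoints / assHolePoints are presumably numeric;
//     consider validating with is_numeric() once the schema is confirmed.
$sql = null;
$params = [];

if (isset($_POST['answerTrueFalse'])) {
    if (isset($_POST['question'], $_POST['cutPoints'], $_POST['addPoints'])) {
        $sql = "INSERT INTO questions (chapterID, questionDescription, questionType, answerTrueFalse, correctPoints, assHolePoints, subjectID)
        VALUES (?, ?, 'TF', ?, ?, ?, ?)";
        $params = [
            $_SESSION['chapterPanel'] ?? null,
            $_POST['question'],
            $_POST['answerTrueFalse'],
            $_POST['addPoints'],
            $_POST['cutPoints'],
            $_SESSION['subjectPanel'] ?? null,
        ];
    }
} elseif (
    isset(
        $_POST['question'],
        $_POST['answerA'],
        $_POST['answerB'],
        $_POST['answerC'],
        $_POST['answerD'],
        $_POST['answer'],
        $_POST['cutPoints'],
        $_POST['addPoints']
    )
) {
    $sql = "INSERT INTO questions (chapterID, questionDescription, questionType, descriptionAnswerA, descriptionAnswerB, descriptionAnswerC,
        descriptionAnswerD, answerABCD, correctPoints, assHolePoints, subjectID)
        VALUES (?, ?, 'ABCD', ?, ?, ?, ?, ?, ?, ?, ?)";
    $params = [
        $_SESSION['chapterPanel'] ?? null,
        $_POST['question'],
        $_POST['answerA'],
        $_POST['answerB'],
        $_POST['answerC'],
        $_POST['answerD'],
        $_POST['answer'],
        $_POST['addPoints'],
        $_POST['cutPoints'],
        $_SESSION['subjectPanel'] ?? null,
    ];
}

if ($sql !== null) {
    // Reject array-valued fields (e.g. question[]=x) and a session without a
    // selected chapter/subject instead of inserting "Array" or empty ids.
    $allScalar = true;
    foreach ($params as $value) {
        if (!is_scalar($value)) {
            $allScalar = false;
            break;
        }
    }

    if (!$allScalar) {
        http_response_code(400);
        echo "Error: invalid or incomplete request.";
    } else {
        $inserted = false;
        $failure = '';

        // mysqli either returns false or throws mysqli_sql_exception depending
        // on the configured report mode, so both paths are handled.
        try {
            $stmt = mysqli_prepare($db, $sql);
            if ($stmt === false) {
                $failure = mysqli_error($db);
            } else {
                // All values are bound as strings, matching the quoted
                // literals the original statement used.
                mysqli_stmt_bind_param($stmt, str_repeat('s', count($params)), ...$params);
                $inserted = mysqli_stmt_execute($stmt);
                if (!$inserted) {
                    $failure = mysqli_stmt_error($stmt);
                }
                mysqli_stmt_close($stmt);
            }
        } catch (mysqli_sql_exception $e) {
            $failure = $e->getMessage();
        }

        if ($inserted) {
            mysqli_close($db);
            header("Location: teacher.php");
            // Stop here so nothing else is emitted after the redirect header.
            exit;
        }

        error_log("Question insert failed: " . $failure);
        http_response_code(500);
        echo "Error: the question could not be saved.";
    }
}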
